Secure the TMP directory
Enterprise security policies often require mounting the /tmp directory with the no execution (noexec) flag.
By default, Cassandra Java Native Access (JNA) is mapped to /tmp, and JNA requires an executable directory to start.
Policies that mount /tmp with noexec can prevent JNA from starting, which also prevents DSE from starting.
If DSE cannot start for this reason, you must remap JNA to an executable directory. Additionally, the user that runs the DSE service must have full read, write, and execute permissions on this directory.
Identify JVM initialization failure
If DSE fails to start, the JNA startup directory might be unavailable.
-
To verify this, get the last few lines of the system log:
tail -5 /var/log/cassandra/system.log -
Look for messages about JNA failure. For example:
ERROR main 2024-07-28 09:57:00,879 CassandraDaemon.java:213 - JNA failing to initialize properly. Use -Dcassandra.boot_without_jna=true to bootstrap even so. INFO Thread-2 2024-07-28 09:57:00,880 DseDaemon.java:418 - DSE shutting down... INFO Thread-2 2024-07-28 09:57:00,881 PluginManager.java:103 - All plugins are stopped.
Map the JNA tmpdir
-
Create a directory to use as the new JNA startup directory.
-
Grant the Cassandra (database) user full read, write, and execute permissions on this directory.
-
Find your DSE installation’s
jvm.optionsfile:-
Package installations:
/etc/dse/cassandra/ -
Tarball installations:
INSTALLATION_LOCATION/resources/cassandra/conf/Replace
INSTALLATION_LOCATIONwith the path where you extracted the DSE tarball.
-
-
Map the JNA temporary directory:
In the
jvm-server.optionsfile, add the-Djna.tmpdirflag with the absolute path to the new directory:jvm-server.options-Djna.tmpdir=JNA_STARTUP_DIRECTORY_PATHAlternatively, you can set this option in
cassandra-env.sh:cassandra-env.shJVM_OPTS="$JVM_OPTS -Djna.tmpdir=JNA_STARTUP_DIRECTORY_PATH"
